@echo off
setlocal enabledelayedexpansion

echo ============================================
echo 测试JWT认证功能
echo ============================================

set BASE_URL=http://localhost:8081

echo.
echo [1] 测试用户注册
echo 注册测试用户: authtest
curl -X POST "%BASE_URL%/api/auth/register" ^
  -H "Content-Type: application/json" ^
  -d "{\"username\":\"authtest\",\"password\":\"auth123\",\"name\":\"Auth Test User\",\"email\":\"authtest@example.com\"}"

echo.
echo.
echo [2] 测试用户登录
echo 登录获取JWT token...
curl -X POST "%BASE_URL%/api/auth/login" ^
  -H "Content-Type: application/json" ^
  -d "{\"username\":\"authtest\",\"password\":\"auth123\"}" > login_response.tmp

echo.
echo 登录响应:
type login_response.tmp

echo.
echo.
echo [3] 提取JWT token (手动复制token进行下一步测试)
echo 请从上面的响应中复制token值，然后测试以下命令:
echo.

echo 示例命令 - 获取用户信息:
echo curl -X GET "%BASE_URL%/api/auth/user" ^
echo   -H "Authorization: Bearer YOUR_TOKEN_HERE"

echo.
echo 示例命令 - 测试需要认证的端点:
echo curl -X GET "%BASE_URL%/api/some-protected-endpoint" ^
echo   -H "Authorization: Bearer YOUR_TOKEN_HERE"

echo.
echo.
echo [4] 测试无效token
echo 测试无效token访问:
curl -X GET "%BASE_URL%/api/auth/user" ^
  -H "Authorization: Bearer invalid_token_here"

echo.
echo.
echo [5] 测试错误的登录凭据
echo 测试错误的用户名密码:
curl -X POST "%BASE_URL%/api/auth/login" ^
  -H "Content-Type: application/json" ^
  -d "{\"username\":\"wronguser\",\"password\":\"wrongpass\"}"

echo.
echo.
echo ============================================
echo JWT认证测试完成！
echo ============================================

rem 清理临时文件
if exist login_response.tmp del login_response.tmp

pause 